OpenSSL Security Advisory 20230908 - The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions.
d6e94a3126e644bbaa13389ba335ceeae5306ba99c3e42bf3217ce69144d0f9c
Windows still suffers from issues related to the replacement of the system drive letter during impersonation. This can be abused to trick privilege processes to load configuration files and other resources from untrusted locations leading to elevation of privilege.
51212fb8ba211343dbd84b024c9c604426cec77c9b3e2b2de253af6449695b28
Microsoft Windows Kernel renaming layered keys does not reference count security descriptors, leading to a use-after-free condition.
07ccb330f6ce87a10f6763766477dee076f0af9a3d5ca41262bb308dae53fe47
Red Hat Security Advisory 2023-4885-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
460087a9a8c98d7e4daf5cf8729ed581d6c97123bd4d68b4bc0529fc3007dc68
Red Hat Security Advisory 2023-4835-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
7d5fb7a904d0639e338b71274e76ed0da2872dc277b1ffefea5a9c601cec7d2f
Red Hat Security Advisory 2023-4777-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
e3586307d9a12ad56bbfa481583a15200c83e2007de29ed23bd6d9ccd486dd0e
Red Hat Security Advisory 2023-4780-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
7bcf774a041ddb561180c79586448283cade89ce840ba7fea9a444061a47855a
Red Hat Security Advisory 2023-4777-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
e3586307d9a12ad56bbfa481583a15200c83e2007de29ed23bd6d9ccd486dd0e
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
16663585c0ffefd5593a6628d4a20cc8241b9703b11283cfe71ead2b750888c8
This paper focuses on using Windows APIs to exploit and bypass modern day defense systems. The idea here is to understand the approach of how a modern day threat adversary would definitely help blue teamers to improve their defense mechanism. This article is useful for both blue and red teamers.
a08987a70023a852cfeef5c85e21b3ba9fa78f1aa30066467583fa799fdca5e3
OutSystems Service Studio version 11.53.30 suffers from a dll hijacking vulnerability.
a77f3edb50d1e6d881a2ff4679d75b1fbc5bc424de1e7da54048c4da8ca7768a
The Microsoft Windows Kernel CmDeleteLayeredKey may delete predefined tombstone keys, leading to security descriptor use-after-free.
a393bdd205b55a25a4010667d7d283c1bd373af4b7bb30a36f33608cf1edeb3f
The Microsoft Windows Kernel may reference rolled-back transacted keys through differencing hives.
b39149935b26f2a93874ead5ff16c8bafcc4acc7b2b341ba68ed2751bb86aa82
The Microsoft Windows Kernel may reference unbacked layered keys through registry virtualization.
7b5280c111b616102ccc14ddef413c7f8bbeeb1ba04df2aa047b88bdfe97d452
There is a Microsoft Windows Kernel arbitrary read that can be performed by accessing predefined keys through differencing hives.
492807027a3cf7a8d886110c04d56bed4abbb83ec85e31ab445e48ddc7826fce
Red Hat Security Advisory 2023-4488-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.
252acb6439c37d57d435d183f3aa4787523afbcaecc3e6fbfba5f267fd67ba49
An issue in Diebold Nixdorf Vynamic View Console versions 5.3.1 and below allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.
e8ca12d6b8563b69ab66a6e4e43f64fa33eef9148ba6d2ac5f95576df569a4e6
169 bytes small Windows/x64 PIC NULL-free calc.exec shellcode.
4d8ef778b3fa4d33d047bc1cf28b30c55e64f1c18779fd433649fe60f5ea0bef
Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.
4d219381d45e2edd902db35713860843b101bbb38f67cf23777473567adc345e
Red Hat Security Advisory 2023-4212-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.
502e14cf3d84e4253ead1d3fb32ef25a6a9663af4db4f8c17b3a4f77d11f1376
Red Hat Security Advisory 2023-4161-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.
b4743a1f577fb5ee07e16a414faf65145a78773fd4180e08bc70413700126f1a
Red Hat Security Advisory 2023-4025-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a bypass vulnerability.
44df9bd2f76286c5413fd65a278a9ce79e084219d6e99cacaf86f41a1b126c63
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
a79f7b04cbff823e30452abf4bcb86773d8583eb62d5f71f16c09f019f8a8777
326 bytes small Windows/x64 add administrative user dynamic PEB and EDT method shellcode.
ce836880761cfda2559a206f8a4eddd7cafbcbfe3f946cceb11b3d189d914798
Microsoft Microsoft Windows 11 version 22h2 suffers from a kernel privilege escalation vulnerability.
be4c5e79f9cf0b40f7b8ba9b4538a14f5731f19051d96808d39f4233d0d4064d